Add option to only allow content records to be placed in sysfolders

Author: Tuurlijk

Classes/Controller/H5pModuleController.php

@@ -51,6 +51,11 @@ class H5pModuleController extends ActionController
      */
     public $perms_clause;
 
+    /**
+     * @var bool
+     */
+    protected $h5pContentAllowedOnPage = false;
+
     /**
      * @var string
      */
@@ -136,6 +141,15 @@ public function initializeAction()
             $this->isAccessibleForCurrentUser = false;
         }
 
+        // Get extension configuration
+        $allowContentOnStandardPages = false;
+        $extConf = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['h5p']);
+        if (!isset($extConf['onlyAllowRecordsInSysfolders']) || (int)$extConf['onlyAllowRecordsInSysfolders'] === 0) {
+            $allowContentOnStandardPages = true;
+        }
+        $pageIsSysfolder = (int)$this->pageRecord['doktype'] === 254;
+        $this->h5pContentAllowedOnPage = $allowContentOnStandardPages || $pageIsSysfolder;
+
         // read configuration
         $modTS = $backendUser->getTSConfig('mod.recycler');
         if ($this->isCurrentUserAdmin()) {
@@ -233,14 +247,16 @@ protected function registerDocheaderButtons()
             ->setGetVariables($getVars);
         $buttonBar->addButton($shortcutButton);
 
-        if (in_array($this->request->getControllerActionName(), ['content', 'index', 'show'])) {
-            $title = $this->getLanguageService()->sL('LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:module.menu.new');
-            $icon = $this->view->getModuleTemplate()->getIconFactory()->getIcon('actions-document-new', Icon::SIZE_SMALL);
-            $addUserButton = $buttonBar->makeLinkButton()
-                ->setHref($this->getHref('H5pModule', 'new'))
-                ->setTitle($title)
-                ->setIcon($icon);
-            $buttonBar->addButton($addUserButton, ButtonBar::BUTTON_POSITION_LEFT);
+        if ($this->h5pContentAllowedOnPage) {
+            if (in_array($this->request->getControllerActionName(), ['content', 'index', 'show'])) {
+                $title = $this->getLanguageService()->sL('LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:module.menu.new');
+                $icon = $this->view->getModuleTemplate()->getIconFactory()->getIcon('actions-document-new', Icon::SIZE_SMALL);
+                $addUserButton = $buttonBar->makeLinkButton()
+                    ->setHref($this->getHref('H5pModule', 'new'))
+                    ->setTitle($title)
+                    ->setIcon($icon);
+                $buttonBar->addButton($addUserButton, ButtonBar::BUTTON_POSITION_LEFT);
+            }
         }
 
         if (in_array($this->request->getControllerActionName(), ['show'])) {
@@ -293,11 +309,13 @@ protected function generateMenu()
             'action'     => 'content',
             'label'      => $this->getLanguageService()->sL('LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:module.menu.content')
         ];
-        $menuItems['new'] = [
-            'controller' => 'H5pModule',
-            'action'     => 'new',
-            'label'      => $this->getLanguageService()->sL('LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:module.menu.new')
-        ];
+        if ($this->h5pContentAllowedOnPage) {
+            $menuItems['new'] = [
+                'controller' => 'H5pModule',
+                'action'     => 'new',
+                'label'      => $this->getLanguageService()->sL('LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:module.menu.new')
+            ];
+        }
         $menuItems['libraries'] = [
             'controller' => 'H5pModule',
             'action'     => 'libraries',
@@ -336,6 +354,7 @@ public function indexAction()
         $contentRepository = $this->objectManager->get(ContentRepository::class);
         $content = $contentRepository->findAll();
 
+        $this->view->assign('h5pContentAllowedOnPage', $this->h5pContentAllowedOnPage);
         $this->view->assign('dateFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy']);
         $this->view->assign('timeFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm']);
         $this->view->assign('id', $this->id);
@@ -357,6 +376,7 @@ public function contentAction()
         $contentRepository = $this->objectManager->get(ContentRepository::class);
         $content = $contentRepository->findByPid($this->id);
 
+        $this->view->assign('h5pContentAllowedOnPage', $this->h5pContentAllowedOnPage);
         $this->view->assign('dateFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy']);
         $this->view->assign('timeFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm']);
         $this->view->assign('id', $this->id);
@@ -885,6 +905,7 @@ public function consentAction()
     public function newAction(int $contentId = 0)
     {
         $this->view->assign('didConsent', (int)$this->h5pFramework->getOption('hub_is_enabled') === 1);
+        $this->view->assign('h5pContentAllowedOnPage', $this->h5pContentAllowedOnPage);
 
         $this->view->getModuleTemplate()->getPageRenderer()->addInlineLanguageLabelFile('EXT:h5p/Resources/Private/Language/locallang.xlf');
         if ($this->isAccessibleForCurrentUser) {

Resources/Private/Language/locallang.xlf

@@ -298,6 +298,9 @@
             <trans-unit id="settings.displayCopyright">
                 <source>Display Copyright button</source>
             </trans-unit>
+            <trans-unit id="settings.onlyAllowRecordsInSysfolders">
+                <source>Only allow H5P records in sysfolders: Keep your records organised</source>
+            </trans-unit>
             <trans-unit id="module.menu.choose">
                 <source>...</source>
             </trans-unit>

Resources/Private/Templates/H5pModule/Content.html

@@ -53,9 +53,16 @@ <h1><f:translate key="content_on_current_page"/></h1>
         </f:then>
         <f:else>
             <p>No H5P content available. You must upload or create new content.</p>
-            <f:form action="new" controller="H5pModule">
-                <f:form.button class="button" type="submit"><f:translate key="module.menu.new">Create</f:translate></f:form.button>
-            </f:form>
+            <f:if condition="{h5pContentAllowedOnPage}">
+                <f:then>
+                    <f:form action="new" controller="H5pModule">
+                        <f:form.button class="button" type="submit"><f:translate key="module.menu.new">Create</f:translate></f:form.button>
+                    </f:form>
+                </f:then>
+                <f:else>
+                    <p>No H5P content allowed on this page, please navigate to a folder and add content there.</p>
+                </f:else>
+            </f:if>
         </f:else>
     </f:if>
 </f:section>

Resources/Private/Templates/H5pModule/Index.html

@@ -53,9 +53,16 @@ <h1>Content</h1>
         </f:then>
         <f:else>
             <p>No H5P content available. You must upload or create new content.</p>
-            <f:form action="new" controller="H5pModule">
-                <f:form.button class="button" type="submit"><f:translate key="module.menu.new">Create</f:translate></f:form.button>
-            </f:form>
+            <f:if condition="{h5pContentAllowedOnPage}">
+                <f:then>
+                    <f:form action="new" controller="H5pModule">
+                        <f:form.button class="button" type="submit"><f:translate key="module.menu.new">Create</f:translate></f:form.button>
+                    </f:form>
+                </f:then>
+                <f:else>
+                    <p>No H5P content allowed on this page, please navigate to a folder and add content there.</p>
+                </f:else>
+            </f:if>
         </f:else>
     </f:if>
 </f:section>

Resources/Private/Templates/H5pModule/New.html

@@ -4,56 +4,63 @@
 <f:section name="content">
     <f:if condition="{didConsent}">
         <f:then>
-            <h1><f:translate key="module.menu.new">New</f:translate></h1>
-            <f:flashMessages/>
+            <f:if condition="{h5pContentAllowedOnPage}">
+                <f:then>
+                    <h1><f:translate key="module.menu.new">New</f:translate></h1>
+                    <f:flashMessages/>
 
-            <f:form method="post" enctype="multipart/form-data" id="h5p-content-form" action="create" controller="H5pModule">
-                <div id="post-body-content">
-                    <div class="h5p-upload">
-                        <f:form.upload name="h5p_file" id="h5p-file"/>
-                        <div class="h5p-disable-file-check">
-                            <label><input type="checkbox" name="h5p_disable_file_check" id="h5p-disable-file-check"/> Disable
-                                file extension check</label>
-                            <div class="h5p-warning">Warning! This may have security implications as it allows for uploading php
-                                files. That in turn could make it possible for attackers to execute malicious code on your site.
-                                Please make sure you know exactly what you're uploading.
+                    <f:form method="post" enctype="multipart/form-data" id="h5p-content-form" action="create" controller="H5pModule">
+                        <div id="post-body-content">
+                            <div class="h5p-upload">
+                                <f:form.upload name="h5p_file" id="h5p-file"/>
+                                <div class="h5p-disable-file-check">
+                                    <label><input type="checkbox" name="h5p_disable_file_check" id="h5p-disable-file-check"/> Disable
+                                        file extension check</label>
+                                    <div class="h5p-warning">Warning! This may have security implications as it allows for uploading php
+                                        files. That in turn could make it possible for attackers to execute malicious code on your site.
+                                        Please make sure you know exactly what you're uploading.
+                                    </div>
+                                </div>
+                            </div>
+                            <div class="h5p-create">
+                                <div class="h5p-editor">Waiting for javascript...</div>
                             </div>
                         </div>
-                    </div>
-                    <div class="h5p-create">
-                        <div class="h5p-editor">Waiting for javascript...</div>
-                    </div>
-                </div>
-                <div class="postbox h5p-sidebar">
-                    <h2>Actions</h2>
-                    <div id="minor-publishing" style="display:none">
-                        <label><input type="radio" name="action" value="upload"/>Upload</label>
-                        <label><input type="radio" name="action" value="create"/>Create</label>
-                        <f:form.hidden name="library" value="{library}"/>
-                        <f:form.hidden name="parameters" value="{parameters}"/>
-                    </div>
-                    <div id="major-publishing-actions" class="submitbox">
-                        <input type="submit" name="submit-button" value="Create" class="button button-primary button-large"/>
-                    </div>
-                </div>
-                <div class="postbox h5p-sidebar">
-                    <h2>Display Options</h2>
-                    <div class="h5p-action-bar-settings h5p-panel">
-                        <label>
-                            <f:form.checkbox name="frame" value="true" checked="checked"/>
-                            Display toolbar below content </label>
-                        <label title="If checked a reuse button will always be displayed for this content and allow users to download the content as an .h5p file">
-                            <f:form.checkbox name="download" value="true" checked="checked"/>
-                            Allow users to download the content </label>
-                        <label>
-                            <f:form.checkbox name="embed" value="true" checked="checked"/>
-                            Display Embed button </label>
-                        <label>
-                            <f:form.checkbox name="copyright" value="true" checked="checked"/>
-                            Display Copyright button </label>
-                    </div>
-                </div>
-            </f:form>
+                        <div class="postbox h5p-sidebar">
+                            <h2>Actions</h2>
+                            <div id="minor-publishing" style="display:none">
+                                <label><input type="radio" name="action" value="upload"/>Upload</label>
+                                <label><input type="radio" name="action" value="create"/>Create</label>
+                                <f:form.hidden name="library" value="{library}"/>
+                                <f:form.hidden name="parameters" value="{parameters}"/>
+                            </div>
+                            <div id="major-publishing-actions" class="submitbox">
+                                <input type="submit" name="submit-button" value="Create" class="button button-primary button-large"/>
+                            </div>
+                        </div>
+                        <div class="postbox h5p-sidebar">
+                            <h2>Display Options</h2>
+                            <div class="h5p-action-bar-settings h5p-panel">
+                                <label>
+                                    <f:form.checkbox name="frame" value="true" checked="checked"/>
+                                    Display toolbar below content </label>
+                                <label title="If checked a reuse button will always be displayed for this content and allow users to download the content as an .h5p file">
+                                    <f:form.checkbox name="download" value="true" checked="checked"/>
+                                    Allow users to download the content </label>
+                                <label>
+                                    <f:form.checkbox name="embed" value="true" checked="checked"/>
+                                    Display Embed button </label>
+                                <label>
+                                    <f:form.checkbox name="copyright" value="true" checked="checked"/>
+                                    Display Copyright button </label>
+                            </div>
+                        </div>
+                    </f:form>
+                </f:then>
+                <f:else>
+                    <p>No H5P content allowed on this page, please navigate to a folder and add content there.</p>
+                </f:else>
+            </f:if>
         </f:then>
         <f:else>
             <f:form method="post" enctype="multipart/form-data" id="h5p-content-form" action="consent" controller="H5pModule">

ext_conf_template.txt

@@ -1,4 +1,3 @@
-
 # cat=basic/enable/010; type=boolean; label=LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:settings.toolbarBelowContent:
 toolbarBelowContent = 1
 # cat=basic/enable/020; type=boolean; label=LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:settings.allowDownload:
@@ -7,3 +6,5 @@ allowDownload = 1
 displayEmbed = 1
 # cat=basic/enable/040; type=boolean; label=LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:settings.displayCopyright:
 displayCopyright = 1
+# cat=basic/enable/050; type=boolean; label=LLL:EXT:h5p/Resources/Private/Language/locallang.xlf:settings.onlyAllowRecordsInSysfolders:
+onlyAllowRecordsInSysfolders = 0

ext_emconf.php

@@ -11,7 +11,7 @@
     'dependencies'     => '',
     'state'            => 'stable',
     'uploadfolder'     => 0,
-    'version'          => '0.1.2',
+    'version'          => '0.2.2',
     'constraints'      => [
         'depends'      => [
             'typo3' => '7.0.0-9.5.99',

ext_tables.php

@@ -41,5 +41,14 @@
         ['source' => 'EXT:h5p/ext_icon.gif']
     );
 
+    call_user_func(
+        function ($extKey) {
+            $extConf = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf'][$extKey]);
+            if (!isset($extConf['onlyAllowRecordsInSysfolders']) || (int)$extConf['onlyAllowRecordsInSysfolders'] === 0) {
+                \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::allowTableOnStandardPages('tx_h5p_domain_model_content');
+            }
+        },
+        'h5p'
+    );
+    \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::allowTableOnStandardPages('tx_h5p_domain_model_configsetting');
 }
-\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::allowTableOnStandardPages('tx_h5p_domain_model_configsetting');